Export a private key without encryption using openssl

July 28, 2007 – 14:54 | LAMP

When I generated a private key file for a new server I’m setting up, I put in a pass phrase. The PEM file for the private key is then encrypted with that pass phrase. Usually that’s a good thing, but a problem came when I needed to make postfix use that and the certificate issued based-on it. Postfix can only access a passwordless private key file. So to produce one, here’s what I did:

cat my.crt my.key >my.pem
openssl pkcs12 -export -in my.pem -nodes -out my.pfx
openssl pkcs12 -in my.pfx -out my-nodes.key -nodes -nocerts

Trackback from your site, or follow the comments in RSS.

Post a Comment

The Path to Zen is proudly powered by WordPress Entries (RSS) and Comments (RSS). Designed by Bob